What distinguishes a supply chain compromise from a direct network intrusion, and name one mitigation?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the AFSC Cyberspace Operations Officer (17D) Block 5 Exam. Engage with flashcards and detailed multiple choice questions. Ready yourself for success!

Multiple Choice

What distinguishes a supply chain compromise from a direct network intrusion, and name one mitigation?

Explanation:
A supply chain compromise happens when the malicious element is introduced into a product or component during its creation, manufacturing, or delivery—so you end up receiving software or hardware that’s already tampered with before you install or use it. A direct network intrusion, on the other hand, is an attacker breaching your own environment by gaining access to your network or systems after you’ve received the product, often by exploiting flaws, weak credentials, or misconfigurations. One effective mitigation is code signing. When software is code-signed by the publisher, the signature lets you verify that the code hasn’t been altered since it was signed and that it truly comes from a trusted source. This helps prevent tampered software from being installed, which is a common route in supply chain attacks.

A supply chain compromise happens when the malicious element is introduced into a product or component during its creation, manufacturing, or delivery—so you end up receiving software or hardware that’s already tampered with before you install or use it. A direct network intrusion, on the other hand, is an attacker breaching your own environment by gaining access to your network or systems after you’ve received the product, often by exploiting flaws, weak credentials, or misconfigurations.

One effective mitigation is code signing. When software is code-signed by the publisher, the signature lets you verify that the code hasn’t been altered since it was signed and that it truly comes from a trusted source. This helps prevent tampered software from being installed, which is a common route in supply chain attacks.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy